2019-03-21 16:00:09 +03:00
|
|
|
#!/usr/bin/env python2
|
2011-04-15 17:41:50 +04:00
|
|
|
|
|
|
|
"""
|
|
|
|
safe2bin.py - Simple safe(hex) to binary format converter
|
|
|
|
|
2019-01-05 23:38:52 +03:00
|
|
|
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
2017-10-11 15:50:46 +03:00
|
|
|
See the file 'LICENSE' for copying permission
|
2011-04-15 17:41:50 +04:00
|
|
|
"""
|
|
|
|
|
2019-01-22 03:20:27 +03:00
|
|
|
from __future__ import print_function
|
|
|
|
|
2011-04-15 17:41:50 +04:00
|
|
|
import binascii
|
|
|
|
import re
|
2011-04-15 17:51:06 +04:00
|
|
|
import string
|
2011-04-15 17:41:50 +04:00
|
|
|
import os
|
|
|
|
import sys
|
|
|
|
|
|
|
|
from optparse import OptionError
|
|
|
|
from optparse import OptionParser
|
|
|
|
|
2019-03-29 00:54:05 +03:00
|
|
|
if sys.version_info >= (3, 0):
|
2019-03-28 17:14:16 +03:00
|
|
|
xrange = range
|
2019-04-19 12:24:34 +03:00
|
|
|
text_type = str
|
2019-05-02 01:45:44 +03:00
|
|
|
string_types = (str,)
|
2019-05-03 00:51:54 +03:00
|
|
|
unichr = chr
|
2019-04-19 12:24:34 +03:00
|
|
|
else:
|
|
|
|
text_type = unicode
|
2019-05-02 01:45:44 +03:00
|
|
|
string_types = (basestring,)
|
2019-03-28 17:14:16 +03:00
|
|
|
|
2011-04-15 17:41:50 +04:00
|
|
|
# Regex used for recognition of hex encoded characters
|
|
|
|
HEX_ENCODED_CHAR_REGEX = r"(?P<result>\\x[0-9A-Fa-f]{2})"
|
|
|
|
|
|
|
|
# Raw chars that will be safe encoded to their slash (\) representations (e.g. newline to \n)
|
2011-06-11 11:54:59 +04:00
|
|
|
SAFE_ENCODE_SLASH_REPLACEMENTS = "\t\n\r\x0b\x0c"
|
|
|
|
|
2011-12-23 00:08:28 +04:00
|
|
|
# Characters that don't need to be safe encoded
|
2019-05-03 02:20:10 +03:00
|
|
|
SAFE_CHARS = "".join([_ for _ in string.printable.replace('\\', '') if _ not in SAFE_ENCODE_SLASH_REPLACEMENTS])
|
2011-12-23 00:08:28 +04:00
|
|
|
|
2015-11-16 17:02:30 +03:00
|
|
|
# Prefix used for hex encoded values
|
|
|
|
HEX_ENCODED_PREFIX = r"\x"
|
|
|
|
|
|
|
|
# Strings used for temporary marking of hex encoded prefixes (to prevent double encoding)
|
|
|
|
HEX_ENCODED_PREFIX_MARKER = "__HEX_ENCODED_PREFIX__"
|
|
|
|
|
2011-06-11 11:54:59 +04:00
|
|
|
# String used for temporary marking of slash characters
|
|
|
|
SLASH_MARKER = "__SLASH__"
|
2011-04-15 17:41:50 +04:00
|
|
|
|
2011-04-15 17:51:06 +04:00
|
|
|
def safecharencode(value):
|
|
|
|
"""
|
|
|
|
Returns safe representation of a given basestring value
|
|
|
|
|
|
|
|
>>> safecharencode(u'test123')
|
|
|
|
u'test123'
|
|
|
|
>>> safecharencode(u'test\x01\x02\xff')
|
|
|
|
u'test\\01\\02\\03\\ff'
|
|
|
|
"""
|
|
|
|
|
|
|
|
retVal = value
|
|
|
|
|
2019-05-02 01:45:44 +03:00
|
|
|
if isinstance(value, string_types):
|
2019-04-19 12:24:34 +03:00
|
|
|
if any(_ not in SAFE_CHARS for _ in value):
|
2015-11-16 17:02:30 +03:00
|
|
|
retVal = retVal.replace(HEX_ENCODED_PREFIX, HEX_ENCODED_PREFIX_MARKER)
|
2012-12-28 01:43:39 +04:00
|
|
|
retVal = retVal.replace('\\', SLASH_MARKER)
|
2011-04-15 17:51:06 +04:00
|
|
|
|
2011-12-23 00:08:28 +04:00
|
|
|
for char in SAFE_ENCODE_SLASH_REPLACEMENTS:
|
|
|
|
retVal = retVal.replace(char, repr(char).strip('\''))
|
2011-06-11 11:54:59 +04:00
|
|
|
|
2019-05-02 17:54:54 +03:00
|
|
|
for char in set(retVal):
|
|
|
|
if not (char in string.printable or isinstance(value, text_type) and ord(char) >= 160):
|
|
|
|
retVal = retVal.replace(char, '\\x%02x' % ord(char))
|
2012-12-28 01:43:39 +04:00
|
|
|
|
2013-01-16 17:16:22 +04:00
|
|
|
retVal = retVal.replace(SLASH_MARKER, "\\\\")
|
2015-11-16 17:02:30 +03:00
|
|
|
retVal = retVal.replace(HEX_ENCODED_PREFIX_MARKER, HEX_ENCODED_PREFIX)
|
2011-04-15 17:51:06 +04:00
|
|
|
elif isinstance(value, list):
|
|
|
|
for i in xrange(len(value)):
|
|
|
|
retVal[i] = safecharencode(value[i])
|
|
|
|
|
|
|
|
return retVal
|
|
|
|
|
2013-01-16 17:16:22 +04:00
|
|
|
def safechardecode(value, binary=False):
|
2011-04-15 17:41:50 +04:00
|
|
|
"""
|
2011-04-15 17:51:06 +04:00
|
|
|
Reverse function to safecharencode
|
2011-04-15 17:41:50 +04:00
|
|
|
"""
|
|
|
|
|
|
|
|
retVal = value
|
2019-05-02 01:45:44 +03:00
|
|
|
if isinstance(value, string_types):
|
2012-12-28 01:43:39 +04:00
|
|
|
retVal = retVal.replace('\\\\', SLASH_MARKER)
|
2011-04-15 17:41:50 +04:00
|
|
|
|
|
|
|
while True:
|
2012-12-28 01:43:39 +04:00
|
|
|
match = re.search(HEX_ENCODED_CHAR_REGEX, retVal)
|
2011-04-15 17:41:50 +04:00
|
|
|
if match:
|
2019-05-03 00:51:54 +03:00
|
|
|
retVal = retVal.replace(match.group("result"), unichr(ord(binascii.unhexlify(match.group("result").lstrip("\\x")))))
|
2011-04-15 17:41:50 +04:00
|
|
|
else:
|
|
|
|
break
|
|
|
|
|
|
|
|
for char in SAFE_ENCODE_SLASH_REPLACEMENTS[::-1]:
|
|
|
|
retVal = retVal.replace(repr(char).strip('\''), char)
|
|
|
|
|
2011-06-11 11:54:59 +04:00
|
|
|
retVal = retVal.replace(SLASH_MARKER, '\\')
|
|
|
|
|
2013-01-16 17:16:22 +04:00
|
|
|
if binary:
|
2019-04-19 12:24:34 +03:00
|
|
|
if isinstance(retVal, text_type):
|
2013-01-16 17:16:22 +04:00
|
|
|
retVal = retVal.encode("utf8")
|
|
|
|
|
2011-04-15 17:41:50 +04:00
|
|
|
elif isinstance(value, (list, tuple)):
|
|
|
|
for i in xrange(len(value)):
|
|
|
|
retVal[i] = safechardecode(value[i])
|
|
|
|
|
|
|
|
return retVal
|
|
|
|
|
|
|
|
def main():
|
|
|
|
usage = '%s -i <input file> [-o <output file>]' % sys.argv[0]
|
2011-04-30 17:20:05 +04:00
|
|
|
parser = OptionParser(usage=usage, version='0.1')
|
2011-04-15 17:41:50 +04:00
|
|
|
|
|
|
|
try:
|
|
|
|
parser.add_option('-i', dest='inputFile', help='Input file')
|
|
|
|
parser.add_option('-o', dest='outputFile', help='Output file')
|
|
|
|
|
|
|
|
(args, _) = parser.parse_args()
|
|
|
|
|
|
|
|
if not args.inputFile:
|
|
|
|
parser.error('Missing the input file, -h for help')
|
|
|
|
|
2019-01-22 16:09:13 +03:00
|
|
|
except (OptionError, TypeError) as ex:
|
|
|
|
parser.error(ex)
|
2011-04-15 17:41:50 +04:00
|
|
|
|
|
|
|
if not os.path.isfile(args.inputFile):
|
2019-01-22 03:20:27 +03:00
|
|
|
print('ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile)
|
2011-04-15 17:41:50 +04:00
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
f = open(args.inputFile, 'r')
|
|
|
|
data = f.read()
|
|
|
|
f.close()
|
|
|
|
|
|
|
|
if not args.outputFile:
|
|
|
|
args.outputFile = args.inputFile + '.bin'
|
|
|
|
|
|
|
|
f = open(args.outputFile, 'wb')
|
|
|
|
f.write(safechardecode(data))
|
|
|
|
f.close()
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
main()
|